- Update from version 4.17.0 to 4.17.3 - Update of rootfile (x86_64) - other architectures will need to be adjusted. - Changelog Release Notes for Samba 4.17.3 This is a security release in order to address the following defects: o CVE-2022-42898: Samba's Kerberos libraries and AD DC failed to guard against integer overflows when parsing a PAC on a 32-bit system, which allowed an attacker with a forged PAC to corrupt the heap. https://www.samba.org/samba/security/CVE-2022-42898.html o Joseph Sutton josephsutton@catalyst.net.nz * BUG 15203: CVE-2022-42898 o Nicolas Williams nico@twosigma.com * BUG 15203: CVE-2022-42898 Release Notes for Samba 4.17.2 This is a security release in order to address the following defects: o CVE-2022-3437: There is a limited write heap buffer overflow in the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal (included in Samba). https://www.samba.org/samba/security/CVE-2022-3437.html o CVE-2022-3592: A malicious client can use a symlink to escape the exported directory. https://www.samba.org/samba/security/CVE-2022-3592.html o Volker Lendecke vl@samba.org * BUG 15207: CVE-2022-3592. o Joseph Sutton josephsutton@catalyst.net.nz * BUG 15134: CVE-2022-3437. Release Notes for Samba 4.17.1 o Jeremy Allison jra@samba.org * BUG 14611: CVE-2021-20251 [SECURITY] Bad password count not incremented atomically. * BUG 15174: smbXsrv_connection_shutdown_send result leaked. * BUG 15182: Flush on a named stream never completes. * BUG 15195: Permission denied calling SMBC_getatr when file not exists. o Douglas Bagnall douglas.bagnall@catalyst.net.nz * BUG 15189: Samba 4.5 sometimes cannot be upgraded to Samba 4.6 or later over DRS: WERROR_DS_DRA_MISSING_PARENT due to faulty GET_ANC. * BUG 15191: pytest: add file removal helpers for TestCaseInTempDir. o Andrew Bartlett abartlet@samba.org * BUG 14611: CVE-2021-20251 [SECURITY] Bad password count not incremented atomically. * BUG 15189: Samba 4.5 sometimes cannot be upgraded to Samba 4.6 or later. over DRS: WERROR_DS_DRA_MISSING_PARENT due to faulty GET_ANC. o Ralph Boehme slow@samba.org * BUG 15182: Flush on a named stream never completes. o Volker Lendecke vl@samba.org * BUG 15151: vfs_gpfs silently garbles timestamps > year 2106. o Gary Lockyer gary@catalyst.net.nz * BUG 14611: CVE-2021-20251 [SECURITY] Bad password count not incremented atomically. o Stefan Metzmacher metze@samba.org * BUG 15200: multi-channel socket passing may hit a race if one of the involved processes already existed. * BUG 15201: memory leak on temporary of struct imessaging_post_state and struct tevent_immediate on struct imessaging_context (in rpcd_spoolss and maybe others). o Noel Power noel.power@suse.com * BUG 15205: Since popt1.19 various use after free errors using result of poptGetArg are now exposed. o Anoop C S anoopcs@samba.org * BUG 15192: Remove special case for O_CREAT in SMB_VFS_OPENAT from vfs_glusterfs. o Andreas Schneider asn@samba.org * BUG 15169: GETPWSID in memory cache grows indefinetly with each NTLM auth. o Joseph Sutton josephsutton@catalyst.net.nz * BUG 14611: CVE-2021-20251 [SECURITY] Bad password count not incremented atomically.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/packages/x86_64/samba | 1 + lfs/samba | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/config/rootfiles/packages/x86_64/samba b/config/rootfiles/packages/x86_64/samba index 2d8f0ae0d..e360fa494 100644 --- a/config/rootfiles/packages/x86_64/samba +++ b/config/rootfiles/packages/x86_64/samba @@ -514,6 +514,7 @@ usr/lib/python3.10/site-packages/samba/tdb_util.py #usr/lib/python3.10/site-packages/samba/tests/krb5/kdc_tests.py #usr/lib/python3.10/site-packages/samba/tests/krb5/kdc_tgs_tests.py #usr/lib/python3.10/site-packages/samba/tests/krb5/kpasswd_tests.py +#usr/lib/python3.10/site-packages/samba/tests/krb5/lockout_tests.py #usr/lib/python3.10/site-packages/samba/tests/krb5/ms_kile_client_principal_lookup_tests.py #usr/lib/python3.10/site-packages/samba/tests/krb5/nt_hash_tests.py #usr/lib/python3.10/site-packages/samba/tests/krb5/pac_align_tests.py diff --git a/lfs/samba b/lfs/samba index f743bfa30..ee1d2be94 100644 --- a/lfs/samba +++ b/lfs/samba @@ -24,7 +24,7 @@
include Config
-VER = 4.17.0 +VER = 4.17.3 SUMMARY = A SMB/CIFS File, Print, and Authentication Server
THISAPP = samba-$(VER) @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = samba -PAK_VER = 88 +PAK_VER = 89
DEPS = avahi cups libtirpc perl-Parse-Yapp perl-JSON
@@ -47,7 +47,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = d05b17748092bc151b0b627156b1da4a8b30b603569adcef376640745425321617a755add41315af0b38876344323a20185063e131c342c9b6fdcb9542be73f1 +$(DL_FILE)_BLAKE2 = dfd8e09914aa3f7188e8672ea06aa0409b48931bad9e56e2b54af3145c1df1285ba71d2f6b166a84aaa27a539d8a1de30c9418b337d56b4ae8470ecfb6f44f01
install : $(TARGET)
Reviewed-by: Michael Tremer michael.tremer@ipfire.org
On 28 Nov 2022, at 13:23, Adolf Belka adolf.belka@ipfire.org wrote:
- Update from version 4.17.0 to 4.17.3
- Update of rootfile (x86_64) - other architectures will need to be adjusted.
- Changelog Release Notes for Samba 4.17.3
This is a security release in order to address the following defects: o CVE-2022-42898: Samba's Kerberos libraries and AD DC failed to guard against integer overflows when parsing a PAC on a 32-bit system, which allowed an attacker with a forged PAC to corrupt the heap. https://www.samba.org/samba/security/CVE-2022-42898.html o Joseph Sutton josephsutton@catalyst.net.nz
- BUG 15203: CVE-2022-42898
o Nicolas Williams nico@twosigma.com
- BUG 15203: CVE-2022-42898
Release Notes for Samba 4.17.2 This is a security release in order to address the following defects: o CVE-2022-3437: There is a limited write heap buffer overflow in the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal (included in Samba). https://www.samba.org/samba/security/CVE-2022-3437.html o CVE-2022-3592: A malicious client can use a symlink to escape the exported directory. https://www.samba.org/samba/security/CVE-2022-3592.html o Volker Lendecke vl@samba.org
- BUG 15207: CVE-2022-3592.
o Joseph Sutton josephsutton@catalyst.net.nz
- BUG 15134: CVE-2022-3437.
Release Notes for Samba 4.17.1 o Jeremy Allison jra@samba.org
- BUG 14611: CVE-2021-20251 [SECURITY] Bad password count not incremented atomically.
- BUG 15174: smbXsrv_connection_shutdown_send result leaked.
- BUG 15182: Flush on a named stream never completes.
- BUG 15195: Permission denied calling SMBC_getatr when file not exists.
o Douglas Bagnall douglas.bagnall@catalyst.net.nz
- BUG 15189: Samba 4.5 sometimes cannot be upgraded to Samba 4.6 or later over DRS: WERROR_DS_DRA_MISSING_PARENT due to faulty GET_ANC.
- BUG 15191: pytest: add file removal helpers for TestCaseInTempDir.
o Andrew Bartlett abartlet@samba.org
- BUG 14611: CVE-2021-20251 [SECURITY] Bad password count not incremented atomically.
- BUG 15189: Samba 4.5 sometimes cannot be upgraded to Samba 4.6 or later. over DRS: WERROR_DS_DRA_MISSING_PARENT due to faulty GET_ANC.
o Ralph Boehme slow@samba.org
- BUG 15182: Flush on a named stream never completes.
o Volker Lendecke vl@samba.org
- BUG 15151: vfs_gpfs silently garbles timestamps > year 2106.
o Gary Lockyer gary@catalyst.net.nz
- BUG 14611: CVE-2021-20251 [SECURITY] Bad password count not incremented atomically.
o Stefan Metzmacher metze@samba.org
- BUG 15200: multi-channel socket passing may hit a race if one of the involved processes already existed.
- BUG 15201: memory leak on temporary of struct imessaging_post_state and struct tevent_immediate on struct imessaging_context (in rpcd_spoolss and maybe others).
o Noel Power noel.power@suse.com
- BUG 15205: Since popt1.19 various use after free errors using result of poptGetArg are now exposed.
o Anoop C S anoopcs@samba.org
- BUG 15192: Remove special case for O_CREAT in SMB_VFS_OPENAT from vfs_glusterfs.
o Andreas Schneider asn@samba.org
- BUG 15169: GETPWSID in memory cache grows indefinetly with each NTLM auth.
o Joseph Sutton josephsutton@catalyst.net.nz
- BUG 14611: CVE-2021-20251 [SECURITY] Bad password count not incremented atomically.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org
config/rootfiles/packages/x86_64/samba | 1 + lfs/samba | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/config/rootfiles/packages/x86_64/samba b/config/rootfiles/packages/x86_64/samba index 2d8f0ae0d..e360fa494 100644 --- a/config/rootfiles/packages/x86_64/samba +++ b/config/rootfiles/packages/x86_64/samba @@ -514,6 +514,7 @@ usr/lib/python3.10/site-packages/samba/tdb_util.py #usr/lib/python3.10/site-packages/samba/tests/krb5/kdc_tests.py #usr/lib/python3.10/site-packages/samba/tests/krb5/kdc_tgs_tests.py #usr/lib/python3.10/site-packages/samba/tests/krb5/kpasswd_tests.py +#usr/lib/python3.10/site-packages/samba/tests/krb5/lockout_tests.py #usr/lib/python3.10/site-packages/samba/tests/krb5/ms_kile_client_principal_lookup_tests.py #usr/lib/python3.10/site-packages/samba/tests/krb5/nt_hash_tests.py #usr/lib/python3.10/site-packages/samba/tests/krb5/pac_align_tests.py diff --git a/lfs/samba b/lfs/samba index f743bfa30..ee1d2be94 100644 --- a/lfs/samba +++ b/lfs/samba @@ -24,7 +24,7 @@
include Config
-VER = 4.17.0 +VER = 4.17.3 SUMMARY = A SMB/CIFS File, Print, and Authentication Server
THISAPP = samba-$(VER) @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = samba -PAK_VER = 88 +PAK_VER = 89
DEPS = avahi cups libtirpc perl-Parse-Yapp perl-JSON
@@ -47,7 +47,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = d05b17748092bc151b0b627156b1da4a8b30b603569adcef376640745425321617a755add41315af0b38876344323a20185063e131c342c9b6fdcb9542be73f1 +$(DL_FILE)_BLAKE2 = dfd8e09914aa3f7188e8672ea06aa0409b48931bad9e56e2b54af3145c1df1285ba71d2f6b166a84aaa27a539d8a1de30c9418b337d56b4ae8470ecfb6f44f01
install : $(TARGET)
-- 2.38.1
-
Adolf Belka -
Michael Tremer